<?php
// +----------------------------------------------------------------------
// | Trackback
// +----------------------------------------------------------------------
// | @link ( http://www.yurnero.net )
// +----------------------------------------------------------------------
// | @copyright
// +----------------------------------------------------------------------
// | @licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | @author Haijun Wu <nicholasinlove@126.com>
// +----------------------------------------------------------------------
// | $Id: TrackbackAction.class.php 56 2011-03-17 15:46:38Z nicholasinlove1986@gmail.com $
// +----------------------------------------------------------------------


class TrackbackAction extends BaseAction {
	
	//接收trackback
	public function trackback() {
		header('Content-type: text/xml');
		//import("@.ORG.Base64");
		//$base64 = new Base64;
		/* trackback是否开启 */
		if (!C('enable_trackback')) {
			$this->trackbackXml('Trackback Disabled');
		}
		/* 检查参数code */
		$code = $_GET['code'] ? $_GET['code'] : $_POST['code'];
		if (empty($code)) {
			$this->trackbackXml('Invalid Parameter');
		}
		/* 解码 */
		//$code = $base64->decrypt(rawurldecode($code),KEY);
		$code = base64_decode(rawurldecode($code));		
		$arr = explode('|', $code);
		if(count($arr) != 2) {
			$this->trackbackXml('Invalid Parameter');
		}
		/* trackback是否开启时效性 */
		if(C('time_trackback') && (gmtime()-intval($arr[1])>(3600*24))) {
			$this->trackbackXml('Overtime');
		}
		/* 检查日志有效性 */
		$posts = M('Posts');
		$posts_id = intval($arr[0]);
		$list = $posts->field('posts_istrack,posts_addtime')->find($posts_id);		
		if ($list!==false) {
		    /* 检查日志是否允许引用 */
			if (!$list['posts_istrack']) {
				$this->trackbackXml('No Trackback Without Permission');
			/* 检查日志发表时间有效性(如果日志发表时间有可控性,此项有意义 */
			} elseif ($list['posts_addtime'] != intval($arr[1])) {
				$this->trackbackXml('Posts Info Is Wrong');
			} else {
			/* 数据安全性处理 */
				$url       = addslashes(trim($_POST['url']));
				$title     = auto_encode(h($_POST['title']));
				$excerpt   = auto_encode(msubstr(h($_POST['excerpt']), 0, 80));
				$blog_name = auto_encode(h($_POST['blog_name']));
				if (!$title || !$excerpt || !$url || !$blog_name) {
					$this->trackbackXml('Invalid Parameter');
				} elseif(substr($url, 0, 7) != 'http://') {
					$this->trackbackXml('Invalid Parameter');
				} else {					
					/* 插入数据库 */
					$tb = M('Trackback');
					$data['posts_id']    = $posts_id;
					$data['tb_title']    = $title;
					$data['tb_excerpt']  = $excerpt;
					$data['tb_url']      = $url;
					$data['tb_blogname'] = $blog_name;
					$data['tb_ip']       = get_client_ip();
					$data['tb_addtime']  = gmtime();
					$data['tb_visible']  = C('remark_trackback'); //是否审核
					$result = $tb->add($data);
					$this->trackbackXml('Success',0);
				}
			}
		} else {
			$this->trackbackXml('No Posts');
		}
	}
	
	//生成trackback链接
	public function makeTrackbackCode($id) {
		//import("@.ORG.Base64");
		//$base64 = new Base64;
		$posts_id = intval($id);
		$posts = M('Posts');
		$map = array();
		$map['posts_status'] = 1; 
		$map['posts_draft'] = 1;
		$list = $posts->where($map)->field('posts_id,posts_addtime')->find($posts_id);		
		if ($list!==false) {		
			//$code = rawurlencode($base64->encrypt("$list[posts_id]|$list[posts_addtime]",KEY));
			$code = rawurlencode(base64_encode("$list[posts_id]|$list[posts_addtime]"));
			echo $code;		
		} else {
		    echo 'No Posts';
		}
		//$code = $base64->decrypt(rawurldecode($code),KEY);
		
	
	}
	
	//发送消息页面
	public function trackbackXml($message, $error = 1) {
		echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n";
		echo "<response>\n";
		echo "\t<error>".$error."</error>\n";
		echo "\t<message>".$message."</message>\n";
		echo "</response>\n";
		exit;
	}
	
}

?>